Considering the widespread use of contactless payment systems, it’s no surprise that portable point-of-sale thefts are making a comeback. This type of robbery is enjoying a new wave of popularity, and is much harder to spot given how quickly those transactions take place. But how much risk is there, really? And how can you protect yourself from POS scams?
The Case of Sorrento
A recent example of POS theft happened recently in Italy, when topic exploded again a few days ago when the news agency Ansa reported an arrest made in Sorrento after someone attempted to steal €100 from a cash register in a bar in the city center. During the search, law enforcement allegedly found a modified portable POS terminal.
It wasn’t the first time the alleged thief had been stopped with such a device; Ansa reports that they had been arrested previously in Rome. The device shown in the photos circulated by the media appears to be a SumUp Solo, or a portable POS capable of operating independently without being connected to a smartphone. It is a popular type of device in stalls and markets, given its affordability and ease of use.
This is also not the first time robbers with tech equipment have been arrested. In fact, last year Ansa reported on a similar case with apprehensions occurring at a highway rest stop.
Difficult, but Not Impossible
There are two possible modus operandi for this type of scam. The first is the more convenient one for the robbers: They steal a wallet and, at a later time, make a series of small transactions with a stolen card that do not require entering the PIN, as if to simulate a series of short-term purchases. When the limit is reached, the wallet is thrown away.
The second method can be described as a kind of trawling. Thieves choose crowded places with high densities of people likely to come in contact with one another, such as public transportation or lines in commercial establishments. They then proceed to create a payment request on a portable POS, hold it in their hands or hide it in some way, and place it in the back pockets of pants, bags, fanny packs, backpacks, and so on.
The success rate is very low due to a number of factors. The first is that it takes about 30 seconds to receive confirmation of the transaction, before the request must be repeated from the POS. The second is that the POS must be almost in contact with the card, usually within 0.5 to 4 cm. The third is that there must be no interfering elements, such as other cards. Therefore, the robber must encounter a series of fortuitous circumstances to be successful. While the rate of success is very low, it is not zero, so it is best to limit your risk as much as possible. Here are some tips.
How to Defend Yourself
It goes without saying that if you stick your wallet in the back pocket of your pants in plain view, you not only risk being robbed in the traditional way, but you also create the best scenario for this newer scam. You can opt for wallets with integrated RFID protection, which create a real barrier to these types of scams.
For maximum protection, you can receive notifications even for small contactless transactions through your bank ‘s app settings. Fraudsters typically choose small amounts, trusting that the victim will not receive notifications—often the victim may not notice the amount being withdrawn, perhaps confusing it with other small transactions. If you fall for the scam, it’s advisable to contact your bank immediately to dispute the transactions: Since everything is traceable, it’s possible to identify the device used by the fraudsters, although they may have switched to a new one in the meantime.
Finally, almost all modern smartphones are now equipped with an NFC chip for contactless payments. Thefts using portable POS terminals can often be prevented by the fact that the smartphone must be unlocked, so even if someone places a POS terminal on the unattended phone, no transaction takes place.
This story originally appeared on WIRED Italy and has been translated from Italian.
Source link